Jump to content
  • 0

Permissions Confusion?


fattipants2016

Question

Windows x64 20H2, Drivepool 2.2.4.1162

 

My pool has moved from computer-to-computer a few times, and the permissions have become a bit of a disaster.

I've used the Windows Advance Security settings to take ownership, and 'Replace all Child Object Permissions' and ICACLS * /T /Q /C /RESET

 

Either of these seem to fix things, for a while, but eventually certain folders stop respecting some/all of my permissions.

I have several folders I can't write new folders to, for instance, for users other than the owner (admin.)

This is made more complicated, because I have fairly complex Permissions set for my NAS users to let people read/write but no delete/modify.

 

Inheritance is enabled for all folders inside the pool, but disabled for the pool folders on the physical disks. Is this correct?

 

For instance, disks A B C comprise Drivepool D.

 

All subfolders inside D have inheritance enabled, but A:\PoolPart.a62b8f52-8e51-4846-b369-2d00a5f20298 has inheritence disabled, as I'm assuming inheritence in this case would mean inherited from A:\ and not Drivepool D:\

 

The images should make this more clear. 

 

Thank you in advance.

Drivepool.png

Physical Disk.png

Link to comment
Share on other sites

4 answers to this question

Recommended Posts

  • 0

The poolpart folders do not need to inherit their permissions from their respective volume roots (though they default to doing so on a newly created pool using previously unformatted drives). The SYSTEM account must have full control of the poolpart folder, subfolders and files. The Administrators account is recommended to have full control of same. For more details, I have just created this thread.

Link to comment
Share on other sites

  • 0

I've occasionally had problems with using Windows own built-in security tab to fix pools where (very) long paths are involved and/or where the permissions have broken in a way that isn't shown by the tab. And when the usual power combo of takeown+icacls didn't fix them either (and wow finding out "why not?" was a trip down a rabbit hole), that's when I went hunting and thankfully found SetACL.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...